Add TOR_EXTRA_OPTIONS in torrc template

4 years ago · 914d1d0c72
parent 0eb745a4f9
commit 914d1d0c72
4 changed files with 51 additions and 11 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,6 +1,6 @@
 repos:
 -   repo: git://github.com/pre-commit/pre-commit-hooks
-    rev: v2.2.1
+    rev: v2.5.0
    hooks:
    -   id: check-added-large-files
    -   id: check-docstring-first
@ -14,11 +14,11 @@ repos:
    -   id: requirements-txt-fixer
    -   id: trailing-whitespace
 -   repo: https://github.com/pre-commit/mirrors-autopep8
-    rev: 'v1.4.4'
+    rev: v1.5
    hooks:
    -   id: autopep8
 -   repo: git://github.com/asottile/reorder_python_imports
-    rev: v1.4.0
+    rev: v1.9.0
    hooks:
    -   id: reorder-python-imports
        language_version: python3
--- a/README.md
+++ b/README.md
@ -20,9 +20,9 @@ services:
      - again
    environment:
        # Set mapping ports
-        HELLO_TOR_SERVICE_HOSTS: 80:hello:80,800:hello:80,8888:hello:80
+        SERVICE1_TOR_SERVICE_HOSTS: 80:hello:80,800:hello:80,8888:hello:80
        # Set private key
-        HELLO_TOR_SERVICE_KEY: |
+        SERVICE1_TOR_SERVICE_KEY: |
            -----BEGIN RSA PRIVATE KEY-----
            MIICXQIBAAKBgQDR8TdQF9fDlGhy1SMgfhMBi9TaFeD12/FK27TZE/tYGhxXvs1C
            NmFJy1hjVxspF5unmUsCk0yEsvEdcAdp17Vynz6W41VdinETU9yXHlUJ6NyI32AH
@ -40,10 +40,10 @@ services:
            -----END RSA PRIVATE KEY-----

        # hello and again will share the same onion v3 address
-        FOO_TOR_SERVICE_HOSTS: 88:again:80,8000:world:80
-        FOO_TOR_SERVICE_VERSION: '3'
+        SERVICE2_TOR_SERVICE_HOSTS: 88:again:80,8000:world:80
+        SERVICE2_TOR_SERVICE_VERSION: '3'
        # tor v3 address private key base 64 encoded
-        FOO_TOR_SERVICE_KEY: |
+        SERVICE2_TOR_SERVICE_KEY: |
            PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAACArobDQYyZAWXei4QZwr++
            j96H1X/gq14NwLRZ2O5DXuL0EzYKkdhZSILY85q+kfwZH8z4ceqe7u1F+0pQi/sM

@ -63,10 +63,17 @@ services:
 This configuration will output:

 ```
-foo: xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:88, xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:8000
-hello: 5azvyr7dvvr4cldn.onion:80, 5azvyr7dvvr4cldn.onion:800, 5azvyr7dvvr4cldn.onion:8888
+service2: xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:88, xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:8000
+service1: 5azvyr7dvvr4cldn.onion:80, 5azvyr7dvvr4cldn.onion:800, 5azvyr7dvvr4cldn.onion:8888
 ```

+`xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:88` will hit `again:80`.
+`xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:8000` will hit `wold:80`.
+
+`5azvyr7dvvr4cldn.onion:80` will hit `hello:80`.
+`5azvyr7dvvr4cldn.onion:800` will hit `hello:80` too.
+`5azvyr7dvvr4cldn.onion:8888` will hit `hello:80` again.
+
 #### Environment variables

 ##### `{SERVICE}_TOR_SERVICE_HOSTS`
@ -119,6 +126,20 @@ PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAACArobDQYyZAWXei4QZwr++j96H1X/gq14NwLRZ

 Set tor sock5 proxy port for this tor instance. (Use this if you need to connect to tor network with your service)

+##### `TOR_EXTRA_OPTIONS`
+
+Add any options in the `torrc` file.
+
+```yaml
+services:
+  tor:
+    environment:
+        # Add any option you need
+        TOR_EXTRA_OPTIONS: |
+          HiddenServiceNonAnonymousMode 1
+          HiddenServiceSingleHopMode 1
+```
+

 #### Secrets

--- a/assets/onions/tests/onions_test.py
+++ b/assets/onions/tests/onions_test.py
@ -79,7 +79,15 @@ HiddenServicePort {{port.port_from}} {{service.host}}:{{port.dest}}
 ORPort 9001
 {% endif %}

+{% if 'TOR_SOCKS_PORT' in env %}
+SocksPort {{env['TOR_SOCKS_PORT']}}
+{% else %}
 SocksPort 0
+{% endif %}
+
+{% if 'TOR_EXTRA_OPTIONS' in env %}
+{{env['TOR_EXTRA_OPTIONS']}}
+{% endif %}

 # useless line for Jinja bug
    '''.strip()
@ -282,6 +290,10 @@ def test_key_in_secret(fs, monkeypatch):


 def test_configuration(fs, monkeypatch, tmpdir):
+    extra_options = '''
+HiddenServiceNonAnonymousMode 1
+HiddenServiceSingleHopMode 1
+    '''.strip()

    env = {
        'SERVICE1_SERVICE_NAME': 'group1',
@ -296,7 +308,8 @@ def test_configuration(fs, monkeypatch, tmpdir):
        'GROUP4_TOR_SERVICE_HOSTS': '81:unix://unix2.sock',
        'GROUP3V3_TOR_SERVICE_VERSION': '3',
        'GROUP3V3_TOR_SERVICE_HOSTS': '80:service4:888,81:service5:8080',
-        'SERVICE5_TOR_SERVICE_HOSTS': '80:service5:80'
+        'SERVICE5_TOR_SERVICE_HOSTS': '80:service5:80',
+        'TOR_EXTRA_OPTIONS': extra_options,
    }

    hidden_dir = '/var/lib/tor/hidden_service'
@ -339,6 +352,8 @@ def test_configuration(fs, monkeypatch, tmpdir):
    assert torrc.count('HiddenServicePort 80 service5:80') == 1
    assert torrc.count('HiddenServicePort 81 unix://unix2.sock') == 1
    assert torrc.count('HiddenServiceVersion 3') == 2
+    assert 'HiddenServiceNonAnonymousMode 1\n' in torrc
+    assert 'HiddenServiceSingleHopMode 1\n' in torrc

    # Check parser
    onion2 = Onions()
--- a/assets/torrc
+++ b/assets/torrc
@ -25,4 +25,8 @@ SocksPort {{env['TOR_SOCKS_PORT']}}
 SocksPort 0
 {% endif %}

+{% if 'TOR_EXTRA_OPTIONS' in env %}
+{{env['TOR_EXTRA_OPTIONS']}}
+{% endif %}
+
 # useless line for Jinja bug